package com.example.yinhangmiaosha.filter;

import com.example.yinhangmiaosha.domain.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.web.filter.AccessControlFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

public class MyFilter extends AccessControlFilter {
    //判断是否拦截，false为拦截，true为允许
    @Override
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object o) throws Exception {
        return false;
    }

    //上面的方法返回false后(被拦截)，会进入这个方法；这个方法返回false表示处理完毕(不放行)；返回true表示需要继续处理(放行)
    @Override
    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        User user = (User) SecurityUtils.getSubject().getPrincipal();
        System.out.println("过滤器中用户："+user);
        return true;
    }
}
